CVE-2009-3848

Name of the Vulnerable Software and Affected Versions HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53

Description The issue is related to a stack-based buffer overflow in the nnmRptConfig.exe component, allowing remote attackers to execute arbitrary code. This is achieved by providing a long Template parameter, which is related to the vsprintf function.

Recommendations For HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53, consider restricting access to the nnmRptConfig.exe component to minimize the risk of exploitation. As a temporary workaround, avoid using long Template parameters in the affected component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.